package com.zlb.configuration;

import com.auth0.jwt.JWT;
import com.auth0.jwt.JWTVerifier;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTVerificationException;
import com.zlb.domain.User;
import java.io.UnsupportedEncodingException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class JWTCredentialsMatcher implements CredentialsMatcher {

  private final Logger log = LoggerFactory.getLogger(JWTCredentialsMatcher.class);

  @Override
  public boolean doCredentialsMatch(AuthenticationToken authenticationToken,
      AuthenticationInfo authenticationInfo) {
    String token = (String) authenticationToken.getCredentials();
    Object stored = authenticationInfo.getCredentials();
    String salt = stored.toString();

    User user = (User) authenticationInfo.getPrincipals().getPrimaryPrincipal();
    try {
      Algorithm algorithm = Algorithm.HMAC256(salt);
      JWTVerifier verifier = JWT.require(algorithm)
          .withClaim("username", user.getUsername())
          .build();
      verifier.verify(token);
      return true;
    } catch (UnsupportedEncodingException | JWTVerificationException e) {
      log.error("Token Error:{}", e.getMessage());
    }

    return false;
  }

}
